General Data Protection Regulation (GDPR)
Gibraltar Software (the creators of Loupe) comply with GDPR through two seperate approaches: One for all of our information and marketing sites and another for our subscription-based Loupe Cloud-Hosted service.
How Gibraltar Software Complies with GDPR
Like most companies that offer products online, we track anonymous users to understand navigation paths and what content people like (or don’t like). If you provide your email address or name to us (typically to sign up for a trial or purchase) then we can track your specific interactions which we use primarily to help us support you by seeing what content you’ve visited.
We expire anonymous tracking information after 24 months and user accounts that have no commercial relationship with us after six months. If you want to be removed immediately you can do so using the Unregister page.
How Loupe Cloud-Hosted Complies with GDPR
Loupe as Data Provider
Like most SaaS products, Loupe collects tracking information for how users navigate our application and what features they use. This information is aggregated by subscription and globally so we can understand usage patterns. We also collect and retain diagnostic logs to support the service. We expire tracking information after 24 months and diagnostic logs after six months.
By providing an email address to set up a user for Loupe Cloud-Hosted you are consenting to us sending communication to that address for routine application purposes including notifications about your data, your subscription, and your account.
Loupe as Data Processor
Depending on how you use Loupe you may be subject to GDPR and in turn we may be treated as a Data Processor. For example, if you use the Loupe Agent to record diagnostic information of your web site and have EU citizens and you have not set the agent to anonymize data then you should consider that diagnostic data subject to GDPR.
Your Loupe Service automatically ages out detailed diagnostic data on a schedule set by the subscription. Additionally, Loupe offers the ability to delete information related to a single user to support the right to be forgotten. We have a designated security and privacy officer and will also sign a Data Processing Addendum for organizations that request it.